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IN THE CLAIMS 

This listing of claims replaces all prior listings: 

1 . (Currently Amended) A person authentication application data processing system 
which performs a person authentication process by comparing a template extracted from a person 
identification certificate, the template including person identification data of an individual user 
who uses an information processing apparatus, and user input sampling information, said person 
authentication application data processing system comprising: 

an information processing apparatus configured to perform person authentication; 

a service distribution device configured to receive various services from a service 
provider under the control of a service registration server when the service distribution device is 
registered with the service registration server; and 

a person identification certificate unit configured to issue person identification 
certificates ; and 

a certificate unit configured to issue public key certificates , 

wherein, 

said information processing apparatus is configured to retrieve a person 
identification certificate for person authentication from the local storage device based on 
user input information, 

the information processing apparatus is configured to request the person 
identification certificate uni t and to issue a new person identification certificate if the 
person identification certificate does exist in the local storage device, 



Response to September 15, 2010 Office Action 
Application No. 09/944,501 
Page 3 

said person identification certificate unit is configured to issue a new person 
identification certificate including an encrypted template, which can be decrypted in said 
information processing apparatus, in response to the request from the information 
processing apparatus, 

said information processing apparatus is configured to receive the person 
identification certificate from the person identification unit and store the person 
identification certificate issued from said person identification certificate unit in the local 
storage device of the information processing apparatus remotely from the server 

said information processing apparatus associates a public key certificate issued 

from the certificate unit with the person identification certificate . 

2. (Previously Presented) A person authentication application data processing system 
according to Claim 1 , wherein, 

said information processing apparatus creates a pair of identifiers of each person 
identification certificate and stores the pair of identifiers in the storage device when said newly 
obtained person identification certificate is a person identification certificate corresponding to 
the same user for an existing public key certificate which has already been stored in said 
information processing apparatus, 

3. (Currently Amended) A person authentication application data processing system 
according to Claim 1 , further comprising 

a certificate unit that issues public key certificates, 
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wherein, 

said information processing apparatus retrieves a public key certificate used during data 
communication with an external apparatus, with stored data of the storage device of the 
information processing apparatus being used as the retrieval target on the basis of the user input 
information, 

said information processing apparatus is configured to (a) create a public key and a 
secret key when the applicable public key certificate cannot be extracted, (b) transmit the created 
public key to the person identification certificate unit (c) make a request for issuing a person 
identification certificate,(d) issue a public key certificate corresponding to an individual user or a 
public key certificate corresponding to said information processing apparatus, and (e) store the 
public key certificate issued from said certificate unit in the local storage device of the 
information processing apparatus. 

4. (Previously Presented) A person authentication application data processing system 
according to Claim 3, wherein, said information processing apparatus creates pair information of 
identifiers of each certificate and stores the pair information in the storage device when said 
newly obtained person identification certificate is a person identification certificate 
corresponding to the same user for an existing public key certificate which has already been 
stored in said information processing apparatus,. 

5. (Previously Presented) A person authentication application data processing system 
according to Claim 3, wherein, 

said information processing apparatus creates identifiers of each certificate, stores the 
pair information in the local storage device, and registers a process identifier which identifies a 
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process including services to be used when said newly obtained person identification certificate 
is a person identification certificate corresponding to the same user for an existing public key 
certificate which has already been stored in said information processing apparatus,. 

6. (Previously Presented) A person authentication application data processing system 
according to Claim 1 , further comprising 

a service distribution device configured to receive various services from a service 
provider under the control of a service registration server when the service distribution device is 
registered with the service registration server, 

wherein, 

said information processing apparatus performs a person authentication process based on 
a verification process between the template extracted from the person identification certificate 
and user input sampling information, the template being person identification data of an 
individual user who uses the information processing apparatus, and performs user registration for 
said service registration server on the condition that person authentication is established. 

7. (Currently Amended) A person authentication application data processing system 
according to Claim 1 

wherein, 

said information processing apparatus performs a mutual authentication with said service 
provider by using [[a]]_the public key certificate corresponding to an individual user or a public 
key certificate corresponding to said information processing apparatus in a process for receiving 
service distribution from said service provider, and 
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said service provider provides services for said information processing apparatus upon 
confirmation that the public key certificate used for said mutual authentication corresponds to an 
authorized user or device registered in said service registration server and said mutual 
authentication is established. 

8. (Previously Presented) A person authentication application data processing system 
according to Claim 1 , wherein data communication between said information processing 
apparatus as a person authentication execution entity and the person identification certificate unit 
as a person identification certificate issuing entity is performed on the condition that a mutual 
authentication process is established. 

9. (Previously Presented) A person authentication application data processing system 
according to Claim 1 , wherein, 

a data transmission device creates an electronic signature for transmission data, and 
a receiving device verifies the electronic signature for data communication between said 
information processing apparatus as a person authentication execution entity and the person 
identification certificate unit as a person identification certificate issuing entity,. 

10. (Previously Presented) A person authentication application data processing system 
according to Claim 1 , wherein an encryption key used to encrypt the template stored in the 
person identification certificate issued from said person identification certificate unit is a public 
key which is set for said information processing apparatus or an individual user. 

1 1 . (Previously Presented) A person authentication application data processing system 
according to Claim 1, wherein said template includes at least one of biometric information and 
non-biometric information and a password, the biometric information selected from the group 
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consisting of fingerprint information, retina pattern information, iris pattern information, voice 
print information, and handwriting information, the non-biometric information selected from the 
group consisting of such as a seal, a passport, a driver's license, and a card. 

12. (Withdrawn) A person authentication application data processing method for 
performing a person authentication process by comparing a template extracted from a person 
identification certificate, the template including person identification data of an individual user 
who uses an information processing apparatus and user input sampling information, said person 
authentication application data processing method comprising: 

a step for providing an information processing apparatus as a person authentication 
execution entity and a person identification certificate authority as a person identification 
certificate issuing entity; 

a step in which said information processing apparatus retrieves a person identification 
certificate for person authentication based on user input information, and, when the information 
processing apparatus determines that the person identification certificate has not been received 
from the person identification certificate authority and stored locally in a local storage device of 
the information processing apparatus, outputs a request for issuing a person identification 
certificate to the person identification certificate authority which is a person identification 
certificate issuing entity; 

a step in which said person identification certificate authority creates a person 
identification certificate including an encoded template, which can be decrypted in said 
information processing apparatus, and issues the person identification certificate responsive to 
the request from the information processing apparatus; and 
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a step in which said information processing apparatus stores the person identification 
certificate issued from said person identification certificate authority in the storage device of the 
information processing apparatus. 

13. (Withdrawn) A person authentication application data processing method according 
to Claim 12, wherein, when said information processing apparatus stores a newly obtained 
person identification certificate in the storage device, and when said newly obtained person 
identification certificate is a person identification certificate corresponding to the same user for 
an existing public key certificate which has already been stored in said information processing 
apparatus, said information processing apparatus creates pair information of identifiers of each 
person identification certificate and stores the pair information in the storage device. 

14. (Withdrawn) A person authentication application data processing method according 
to Claim 12, further comprising: 

a step for providing a certificate authority as a public key certificate issuing entity; 

a step in which said information processing apparatus retrieves a public key certificate 
used during data communication with an external apparatus, with stored data of the storage 
device of the information processing apparatus being used as the retrieval target on the basis of 
the user input information, creates a pair of a public key and a secret key when the applicable 
public key certificate cannot be extracted, transmits the created public key to the person 
identification certificate authority which is the issuing entity of the public key certificate, and 
makes a request for issuing a person identification certificate; 
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a step in which said person identification certificate authority issues a public key 
certificate corresponding to an individual user or a public key certificate corresponding to said 
information processing apparatus; and 

a step in which said information processing apparatus stores the public key certificate 
issued from said certificate authority in the storage device of the information processing 
apparatus. 

15. (Withdrawn) A person authentication application data processing method according 
to Claim 14, wherein, in the process for storing the newly obtained person identification 
certificate in the storage device, when said newly obtained person identification certificate is a 
person identification certificate corresponding to the same user for an existing public key 
certificate which has already been stored in said information processing apparatus, said 
information processing apparatus creates pair information of identifiers of each certificate and 
stores the pair information in the storage device. 

16. (Withdrawn) A person authentication application data processing method according 
to Claim 14, wherein, in the process for storing the newly obtained person identification 
certificate in the storage device, when said newly obtained person identification certificate is a 
person identification certificate corresponding to the same user for an existing public key 
certificate which has already been stored in said information processing apparatus, said 
information processing apparatus creates pair information of identifiers of each certificate, stores 
the pair information in the storage device, and registers a process identifier which identifies a 
process including services to be used. 
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17. (Withdrawn) A person authentication application data processing method according 
to Claim 12, further comprising: 

a step for providing a service distribution device in which various services such as 
content distribution can be received from a service provider under the control of a service 
registration server on the condition of user registration for the service registration server; and 

a step in which said information processing apparatus performs a person authentication 
process based on a verification process between a template extracted from the person 
identification certificate and user input sampling information, the template being person 
identification data of an individual user who uses the information processing apparatus, and 
performs user registration for said service registration server on the condition that person 
authentication is established. 

18. (Withdrawn) A person authentication application data processing method according 
to Claim 12, further comprising: 

a step for providing a service distribution device in which various services such as 
content distribution can be received from a service provider under the control of a service 
registration server on the condition of user registration for the service registration server; 

a step in which, in a process for receiving service distribution from said service provider, 
said information processing apparatus performs mutual authentication with said service provider 
by using a public key certificate corresponding to an individual user who uses the information 
processing apparatus or a public key certificate corresponding to said information processing 
apparatus; and 
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a step in which said service provider provides services for said information processing 
apparatus on the condition that it is confirmed that the public key certificate used for said mutual 
authentication corresponds to an authorized user or device registered in said service registration 
server and said mutual authentication is established. 

19. (Withdrawn) A person authentication application data processing method according 
to Claim 12, wherein data communication between said information processing apparatus as a 
person authentication execution entity and the person identification certificate authority as a 
person identification certificate issuing entity is performed on the condition that the mutual 
authentication process is established. 

20. (Withdrawn) A person authentication application data processing method according 
to Claim 12, wherein, for data communication between said information processing apparatus as 
a person authentication execution entity and the person identification certificate authority as a 
person identification certificate issuing entity, a data transmission device creates an electronic 
signature for transmission data, and a receiving device verifies the electronic signature. 

21 . (Withdrawn) A person authentication application data processing method according 
to Claim 12, wherein an encryption key used to encrypt the template stored in the person 
identification certificate issued from said person identification certificate authority is a public 
key which is set for said information processing apparatus or an individual user. 

22. (Withdrawn) An information processing apparatus for performing a person 
authentication process based on a verification process between a template extracted from a 
person identification certificate in which the template is stored and user input sampling 
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information, the template being person identification data of an individual user who uses the 
information processing apparatus, 

wherein said information processing apparatus performs a process for retrieving a person 
identification certificate used for a person authentication process based on user input information 
with stored data of the information processing apparatus being used as the retrieval target, 
outputs a request for issuing a person identification certificate to a person identification 
certificate authority, which is a person identification certificate issuing entity, when the 
information processing apparatus determines that the person identification certificate has not 
been received from the person identification certificate authority and stored locally in a local 
storage device of the information processing apparatus, and stores the person identification 
certificate issued from the person identification certificate authority in the storage device of the 
information processing apparatus. 

23. (Withdrawn) An information processing apparatus according to Claim 22, wherein, 
in the process for storing the newly obtained personal identification certificate in the storage 
means, when said newly obtained person identification certificate is a person identification 
certificate corresponding to the same user for an existing public key certificate which has already 
been stored in said information processing apparatus, said information processing apparatus 
performs a process for creating pair information of identifiers of each certificate and for storing 
the pair information in the storage device. 

24. (Withdrawn) An information processing apparatus according to Claim 22, wherein 
said information processing apparatus retrieves a public key certificate used for data 
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communication with an external apparatus with stored data of the storage device of the 
information processing apparatus being used as the retrieval target on the basis of user input 
information, creates a pair of a public key and a secret key when a corresponding public key 
certificate cannot be extracted, transmits the created public key to the certificate authority which 
is a public key certificate issuing entity, makes a request for issuing a public key certificate, and 
performs a process for storing the public key certificate issued from said certificate authority in 
the storage stores of the information processing apparatus. 

25. (Withdrawn) An information processing apparatus according to Claim 24, wherein, 
in the process for storing the newly obtained personal identification certificate in the storage 
device, when said newly obtained person identification certificate is a person identification 
certificate corresponding to the same user for an existing public key certificate which has already 
been stored in said information processing apparatus, said information processing apparatus 
performs a process for creating pair information of identifiers of each certificate and stores the 
pair information in the storage device. 

26. (Withdrawn) An information processing apparatus according to Claim 24, wherein, 
in the process for storing the newly obtained personal identification certificate in the storage 
device, when said newly obtained person identification certificate is a person identification 
certificate corresponding to the same user for an existing public key certificate which has already 
been stored in said information processing apparatus, said information processing apparatus 
performs a process for creating pair information of identifiers of each certificate, stores the pair 
information in the storage device, and registers together a process identifier which identifies a 
process such as services to be used. 
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27. (Withdrawn) A program providing medium for providing a computer program for 
causing a person application authentication data process for performing a person authentication 
process to be performed in a computer system based on a verification process between a template 
extracted from a person identification certificate in which the template is stored and user input 
sampling information, the template being person identification data of an individual user who 
uses an information processing apparatus, said computer program comprising: 

a step for retrieving a person identification certificate used for a person authentication 
process based on the user input information; 

a step for outputting a request for issuing a person identification certificate to a person 
identification certificate authority, which is a person identification certificate issuing entity, 
when the information processing apparatus determines that the person identification certificate 
has not been received from the person identification certificate authority and stored locally in a 
local storage device of the information processing apparatus; 

a step for creating pair information of identifiers of each certificate when said person 
identification certificate issued from said person identification certificate authority is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus; and 

a step for storing the pair information in the storage device. 
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